Identity Disorder Podcast, Episode 4: The Rodeo of Things

identity-disorder-speakers-ep004

In episode 4, Daniel and Chris are pleased to welcome one of ForgeRock’s founders, Victor Ake. Victor gives his insight into the Identity of Things, talking the differences between constrained and unconstrained devices, how IoT brokers work, securing IoT devices using identity standards, and how microservices fit in to the picture. Other topics include airport hotels, wrestling, and–wait for it–the rodeo.

Episode Links:

ForgeRock IoT Page:
https://www.forgerock.com/solutions/devices-things/

ForgeRock Identity Summit in London and Paris
https://summits.forgerock.com/

All upcoming ForgeRock events:
https://www.forgerock.com/about-us/events/

Identity Disorder Podcast, Episode 2

Identity Disorder, Episode 2: It’s a DevOps World, We Just Live In It

identity-disorder-speakers-ep002

In the second episode of Identity Disorder, join Daniel and me as we chat with ForgeRock’s resident DevOps guru Warren Strange. Topics include why DevOps and elastic environments are a bit like herding cattle, how ForgeRock works in a DevOps world, more new features in the mid-year 2016 ForgeRock Identity Platform release, the Pokémon training center next to Daniel’s house, and if Canada might also consider withdrawing from its neighbors.

Episode Links:

Learn more about ForgeRock DevOps and cloud resources: https://wikis.forgerock.org/confluence/display/DC/ForgeRock+DevOps+and+Cloud+Resources

Videos of the new features in the mid-year 2016 ForgeRock Identity Platform release:
https://vimeo.com/album/4053949

Information on the 2016 Sydney Identity Summit and Sydney Identity Unconference (August 9-10, 2016):
https://summits.forgerock.com/sydney/

All upcoming ForgeRock events:
https://www.forgerock.com/about-us/events/

 

Addendum to ForgeRock Full Stack Configuration – Using ForgeRock OpenIG

This is an extension of an earlier post that demonstrated ForgeRock Full Stack Configuration, comprising OpenDJ, OpenAM and OpenIDM. In here we’ll plug in ForgeRock OpenIG to route traffic to/from OpenAM and OpenIDM. In the video log that follows, you’ll see:

– All urls that hit OpenIG, containing a string ‘openam’ getting redirected to OpenAM URL
– All urls that hit OpenIG, that does not contain the string ‘openam’ getting redirected to:

  1. OpenAM for Authentication if there is no valid User session and then on to OpenIDM UI
  2. OpenIDM UI if there is a valid User session

So here’s the extended illustration

AddendumToFullStackConfiguration

Now on to the video.Enjoy!

This blog post was first published @ www.fedji.com, included here with permission.

Scripted SQL Connector in ForgeRock OpenIDM 4

This blog post was first published @ www.fedji.com, included here with permission.

ForgeRock Identity Management solution includes generic Groovy Connector Toolkit that enables you to run Groovy scripts on any external resource. You can read more about it here. Lifted verbatim from the OpenIDM 4 documentation mentioned above:”To facilitate creating your own scripted connectors with the Groovy Connector Toolkit, OpenIDM provides a scripted connector bundler. ” I followed Instructions in there (as well as in the README file of the ‘sample3’ in OpenIDM installation directory), to build a ScriptedSQL Connector to connect OpenIDM to a MySQL Database and my Video Log is below:

Enjoy!

ForgeRock Full Stack Configuration

This blog post was first published @ www.fedji.com, included here with permission.

If you’re in a hurry to know what each of the ForgeRock Identity Platform Components is meant to do, try the Full Stack Configuration. In just over fifteen minutes, you’ll see:

– Installation of ForgeRock OpenDJ
– Deployment of ForgeRock OpenAM
– Configuration of OpenDJ as an Identity Repository in ForgeRock OpenAM
– Installation of ForgeRock OpenIDM
– Configuring OpenDJ as External Resource in OpenIDM
– Running a reconciliation in OpenIDM from OpenDJ
– Provisioning a User from OpenIDM to OpenDJ
– Using OpenAM as the Authentication Module for OpenIDM

With a much awaited weekend around the corner, I couldn’t really get over the laziness to create a better illustration than the one below to help visualize what’s mentioned above.

ForgeRockFullStack

Please watch it, if you have some time. Enjoy!

Thanks: ForgeRock Product Documentation

Configuring Database Table Connector in ForgeRock OpenIDM 4

This blog post was first published @ www.fedji.com, included here with permission.

The video embedded below is quite straight forward. It demonstrates how to configure Database Table Connector in ForgeRock OpenIDM 4 to connect to provision/deprovision Users in a Database Table (MySQL):

Enjoy!

Deploying a Highly Available ForgeRock Identity Management Solution

This blog post was first published @ www.fedji.com, included here with permission.

We have already discussed on this space the installation of ForgeRock Identity Management Solution and further configuring a Database as its repository. But in those discussions, all the critical components of the Solution namely the ForgeRock OpenIDM 4, MySQL Database were a Single Point of Failure. In an environment where business continuity is critical, we ought to build a solution that has no SPOF in the architecture. So I’m going to take you through that route today. Of course, this is a hint and just a way to understand the different options that you might consider in Configuring ForgeRock OpenIDM 4 for High Availability.

I’ve a rather simple example of HA configuration, mainly meant for understanding and learning it. In a sensitive infrastructure, a great deal of planning goes into building a Highly Available Environment. So what’s the small little setup we’ve here for learning:

ForgeRock OpenIDM 4 High Available Configuration

Two instances of ForgeRock OpenIDM 4 connects to a MySQL Proxy, which in turn talks to a MySQL Replication site. Of course, in this setup, MySQL Proxy is a SPOF, so you should have at least two of it in front of the MySQL Replication site. But if I had attempted to it, the whole thing would have looked a lot more complicated and would have failed the objective of being a learning tool. So if you’ve just under a half an hour to spare, you will know:

– How to use MySQL Proxy
– How to setup MySQL Replication (Master/Slave)
– How to install OpenIDM 4
– How to configure OpenIDM 4 to use a MySQL Database as its Repository
– How to bring up an OpenIDM Cluster environment

Well, the final state is what you get to see in the illustrations above.

Now on to the video. Enjoy!

ForgeRock Common Audit

ForgeRock LogoCommon Audit is another new feature of the ForgeRock platform.

Common Audit is part of the platform-wide infrastructure: a framework to handle audit events using common audit event handlers that are plugged in to the individual products. The handlers record events, logging them for example into files, relational databases, or syslog. Because handlers are pluggable, new handlers can be added to interoperate with your systems that store and analyze audit data.

Each audit event is identified by a unique transaction ID. The IDs can be communicated across the products and recorded for each local event. The transaction ID is the means to track requests as they traverse the platform.

In the current platform, configuring handlers depends on the product. So there are several places in the docs to read about how to configure Common Audit:

In addition, if you want to get the source code for Common Audit, or are interested in trying out new handlers and developments, you can find it on the ForgeRock Stash server. Right now it is in the forgerock-audit git repository. (To access most code on the ForgeRock Stash server, sign in with your ForgeRock credentials. You can sign up if you have not done so.)


What’s new in the ForgeRock platform release

ForgeRock LogoPerhaps you have read yesterday’s news about ForgeRock launching the updated identity platform.

Those of us who spent the last year working on this update are proud of all the new capabilities, from the integration achieved with common components to the depth and breadth of new features across all the products in the platform.

Looking for detailed lists of what’s new? Here are some quick links to each of the products’ release notes:

I’ll drill down on some of those in future posts.